Top 5 Cybersecurity Threats of 2017

The year 2016 will be remembered for some big moments in the world of cybersecurity: the largest known distributed denial of service (DDoS) attack, a phishing attack on a United States presidential candidate’s campaign, and ransomware attacks on major healthcare organizations are just a few.

As we look forward into 2017, information security teams have to think like hackers in order to stay ahead of the challenges to come. Based on current trends, NopSec has released its latest report on the 5 biggest cyber threats we expect to see this year: nation-state cyber attacks, ransomware, DDoS attacks, the Internet of Things, and social engineering & human error.

We encourage you to download the free full report on these trends and what they could mean for your organization. For a preview, read on.

Nation-State Cyber Attacks

Nation-state cyber attacks refer to foreign government (or government-directed) organizations targeting other countries’ government or commercial institutions or infrastructure. Possible motivations for these attacks include eroding rivals’ economic and military competitiveness; influencing the political and diplomatic landscape; obtaining intelligence to advance weapons proliferation programs; and cyber warfare to create an advantage in armed conflict.

Media reports in 2016 brought nation-state-sponsored cyber attacks to the public consciousness to an unprecedented degree. The U.S. intelligence community assessed that senior Russian officials authorized data theft and disclosure in order to influence the 2016 U.S. election. Malware linked to the U.S. National Security Agency (NSA) was stolen, possibly by hackers with Russian ties, who attempted to auction the malware online. Yahoo reported that hackers who stole user data two years prior may have been state-sponsored.

Given all that is at stake, nation-state attacks are only going to continue to grow in number and sophistication. As technology and security advance, countries will continue to devote resources toward cyber espionage and warfare.

Ransomware

The U.S. Computer Emergency Readiness Team (US-CERT) reported 4,000 average daily ransomware attacks in 2016, or four times as many average daily attacks as in 2015. Analysts’ predictions for the degree to which ransomware attacks will grow this year vary – some say the growth will slow down, and others believe it will accelerate over what we saw in 2016.

As ransomware defenses are improving, the revenue that hackers can get from ransomware means they won’t be scared off easily. Not only that, but the business model for ransomware is changing, too. Ransomware as a service (RaaS) is now being sold on the dark web, opening up an opportunity for more criminals who lack technical sophistication to execute this form of cyber attack. Typically, the RaaS user can download the malware for little or no cost, and splits any proceeds earned with the originator. Ransomworms, which are ransomware that replicates itself to rapidly spread to multiple computers, have also been reported, and will likely proliferate. (For more information on preventing damage from ransomware, see our white paper.)

Distributed Denial of Service (DDoS) Attacks

The fall of 2016 saw what was likely the world’s largest distributed denial of service (DDoS) attack on internet performance management firm Dyn. The attack may have approached a volume of 1.2 terabits per second, taking down multiple popular sites like Twitter and Reddit.

Victims of a DDoS attack may or may not know the reason they were targeted. Hackers may have political motivations, desire to take out business competition, use it as a means of extorting money, or execute an attack to distract victims while performing another malicious action.

Most DDoS attacks fall into one of three categories, each targeting different components of the IT infrastructure. Volume-based attacks saturate a site’s bandwidth to block other visitors. Protocol attacks attack servers to tie up enough resources to lead to denial of service. The third major category is application layer attacks. These attempt to crash web servers through a flood of requests that appear legitimate. Based on 2016’s trends, we expect in 2017 to see more frequent and severe DDoS incidents.

The Internet of Things (IoT)

The constantly expanding world of the Internet of Things (IoT) has already given hackers plenty of opportunity. The DDoS attack on Dyn last year was made possible by a botnet that targeted IoT devices, whose rapidly growing number also means the proliferation of unpatched security vulnerabilities.

IoT security easily falls under the radar for many users. But imagine the leverage that a malicious actor could have over a large healthcare organization if the attacker were to gain access to the amount of electronic protected health information stored on the organization’s network of medical devices. Vulnerable networked video cameras and camera-enabled smart devices provide criminals access to sensitive recorded audio and visual information behind closed doors at target organizations. And recall Ukraine in late 2015 and again late last year, when hackers proved that they could target IoT to take down massive swaths of a country’s power grid, leaving residents in the dark in the middle of winter.

The IoT brings an unprecedented level of connectivity and convenience to our modern lives. Unfortunately, with the benefits and efficiencies created by IoT technology comes additional risk that manufacturers and users need to remain vigilant about throughout the product life cycle. Regulators, too, will struggle to keep up with the evolving threats.

Social Engineering and Human Error

Security experts can hardly say it enough: humans are your biggest cybersecurity vulnerability. The breaches can be intentional or unintentional. They can be the result of a single employee’s carelessness, a disgruntled employee seeking revenge, or the victimization of an employee by a sophisticated hacker.

Most email-savvy employees probably assume they can identify a spam email meant to scam the recipient out of money. However, these attacks are becoming much more sophisticated. Tactics that rely on social engineering, like spear phishing, succeed because the attacker has an intimate understanding of an employee’s motivations and role within an organization so that these can be precisely exploited. Then there are good old-fashioned human errors that leave networks open to opportunistic cyber criminals. Remembering strong passwords for multiple devices is a struggle for most consumers and employees, leading to poor password hygiene. Busy high-volume businesses like healthcare organizations may have difficulty managing privileged users effectively, leading to inappropriate access.

Human beings increasingly rely on technology to make their lives easier and achieve aims that they could not reach using people power alone. But there has yet to be technology developed to make humans infallible, and people will continue to be the biggest cybersecurity threat in 2017 and beyond.

2017 will see major advancements in technology. With these advancements, we must monitor the technology we use to make sure we’re protected from ever-evolving cyber threats. With the help of their entire organizations, infosec teams can keep their infrastructure safe and their businesses running smoothly. Knowledge is power: for more information on the top cybersecurity trends of 2017 and how you can protect your organization, download the full report now.